1. Field of the Invention
The present invention relates to an apparatus and method for sharing user control enhanced digital identity, and more particularly, to an apparatus for sharing user control enhanced digital identity, which grants user control for protecting user's privacy and a method therefore.
This work was supported by the IT R&D program of MIC/IITA [2007-S-601-01, Development of User Control Enhanced Digital Identity Wallet System].
2. Description of the Related Art
In the current Internet environment, phishing attacks, etc. can cause leakage of personal information and convenience and security are vulnerable due to various authentication methods and different personal information input methods for each site. Further, most sites requests more personal information than is necessary to provide an Internet service. All rights for controlling personal information are transferred to a service provider only by a general agreement with stipulations at the time of subscribing to the Internet site, such that there is a problem in that a user cannot control usage of the personal information. Accordingly, measures are needed for decreasing infringement of the personal information due to illegal usage of personal information by providing an intuitive and consistent authentication method, and enhancing the user control for the personal information.
Currently, with the rise of Web 2.0 that is oriented to sharing and opening of the information, a mash-up service based Internet business has becomes the new trend. Many large enterprises have started businesses relating to Web 2.0 that provides highly valuable services through information sharing, user's participation, and information opening. Further, it is expected that a mash-up service that converge contents and technologies into one will rapidly grow. However, problems such as an invasion of privacy and vulnerable security of an existing Web environment in relation to usage of the personal information have not been solved. Further, the fear of invasion of privacy due to the sharing of the personal information has increased.
Therefore, measures for protecting the personal information continuously accumulated in the Internet and protecting the privacy are required.
In order to solve the above-mentioned problems, the users have the following limits from a user's point of view at the time of applying an existing identity management technology. Users must still experience inconvenience to manage credentials issued from various sites. Further, since a privacy policy is different for each site, it is difficult for the users to appreciate and recognize such a policy. The users cannot control how their own information is distributed and used. Meanwhile, there is the following drawback from a service provider's point of view. Since a security policy and a privacy policy are different for each domain, it takes a long time and high cost to incorporate systems and services that have already built up in each domain. Further, in the case in which the number of domains to be shared is large, complexity thereof increases by geometric progression, such that it may be difficult to share the identity according to a provider's intention. Although common discrimination and representation styles of the identity in order to associate different services with service providers, contrivances for satisfying such a necessity have not yet been provided. Moreover, first of all, since interests among the service providers clash with each other, it is not easy to provide the services by using two different service providers.